
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Chapter 8: Database Security
Stopping the Server
Anyone with SHUTDOWN privilege may stop the MySQL server by running
mysqladmin shutdown. The mysql user may also stop the server at the operating
system level with commands such as service mysqld stop.
Backups
A database administrator should periodically dump tables to files in case data
becomes lost or corrupted and needs to be recovered. The mysqldump client writes
all the SQL commands needed to re-create the tables and insert all the data rows.
The backup file permissions should only allow reading and writing by the mysql user
and group.
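
The following shell sketch is an added example, not code from the book. It writes a dump that is mode 0660 from the moment it is created, and audits a backup directory for files that grant more than read/write to user and group. The function names secure_dump and audit_backups are hypothetical; mysqldump --all-databases is the assumed default dump command.

```shell
#!/bin/sh
# Added example; secure_dump and audit_backups are hypothetical helper names.

# secure_dump OUTFILE [COMMAND...]
# Runs COMMAND (default: mysqldump --all-databases) under umask 007 so the
# dump is created 0660 from its first byte, with no window in which "other"
# can read it. Output goes to a temporary name and is renamed only on
# success, so a failed dump never replaces a good backup.
secure_dump() {
    out=$1; shift
    [ $# -gt 0 ] || set -- mysqldump --all-databases
    (
        umask 007
        tmp="$out.partial.$$"
        if "$@" > "$tmp"; then
            chmod 660 "$tmp" && mv -f "$tmp" "$out"
        else
            rm -f "$tmp"
            exit 1
        fi
    )
}

# audit_backups DIR [OWNER [GROUP]]
# Lists regular files under DIR that grant anything beyond read/write to
# user and group: any "other" bit or any execute bit. When OWNER or GROUP
# is given (for example mysql mysql), files owned by anyone else are listed
# too. Returns 0 if nothing is listed, 1 otherwise.
audit_backups() {
    dir=$1 owner=${2:-} group=${3:-}
    set -- -perm -001 -o -perm -002 -o -perm -004 -o -perm -010 -o -perm -100
    [ -z "$owner" ] || set -- "$@" -o ! -user "$owner"
    [ -z "$group" ] || set -- "$@" -o ! -group "$group"
    bad=$(find "$dir" -type f \( "$@" \))
    [ -n "$bad" ] || return 0
    printf '%s\n' "$bad"
    return 1
}
```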
Logging
MySQL writes logs to record errors, queries, slow queries, and updates. These are
normally written to the same data directory that contains the MySQL database.
Besides being protected from snooping, these files should be rotated before they
fill up the disk. Red Hat includes a mysql-log-rotate script as part of its
logrotate package.
Replication
To enhance speed and reliability, MySQL can be configured to replicate data in
many ways. This introduces many issues that are better explained in the book High
Performance MySQL (O’Reilly). In terms of security, you want to protect the data
streams among master(s) and slaves.
Queries
Database servers have some of the same problems as web servers. Each ...